package common.security.authentication;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;

/**
 * 
 * ajax 请求返回错误码
 * @author Administrator
 *
 */
@SuppressWarnings("deprecation")
public class AjaxAwareLoginUrlAuthenticationEntryPoint extends LoginUrlAuthenticationEntryPoint {

	public void commence(final HttpServletRequest request, final HttpServletResponse response,
			final AuthenticationException authException) throws IOException, ServletException {
		if (StringUtils.isNotBlank(request.getHeader("Accept")) && request.getHeader("Accept").contains("application/json")) {
			response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access Denied");// 对于ajax请求不重定向
		} else {
			super.commence(request, response, authException);
		}
	}
}
